Return-Path: Delivered-To: apmail-tomcat-users-archive@www.apache.org Received: (qmail 25177 invoked from network); 22 Jul 2009 16:17:02 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3) by minotaur.apache.org with SMTP; 22 Jul 2009 16:17:02 -0000 Received: (qmail 35277 invoked by uid 500); 22 Jul 2009 16:18:03 -0000 Delivered-To: apmail-tomcat-users-archive@tomcat.apache.org Received: (qmail 35227 invoked by uid 500); 22 Jul 2009 16:18:03 -0000 Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Users List" Delivered-To: mailing list users@tomcat.apache.org Received: (qmail 35216 invoked by uid 99); 22 Jul 2009 16:18:03 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 22 Jul 2009 16:18:03 +0000 X-ASF-Spam-Status: No, hits=-4.0 required=10.0 tests=RCVD_IN_DNSWL_MED,SPF_HELO_PASS,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: local policy) Received: from [217.194.35.70] (HELO alea.erlm.siemens.de) (217.194.35.70) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 22 Jul 2009 16:17:53 +0000 Received: from alea (localhost.localdomain [127.0.0.1]) by alea.erlm.siemens.de (Postfix) with ESMTP id 187258E0054; Wed, 22 Jul 2009 18:17:31 +0200 (CEST) Received: from medeon.erlm.siemens.de (medeon.erlm.siemens.de [146.254.164.9]) by alea.erlm.siemens.de (Postfix) with ESMTP; Wed, 22 Jul 2009 18:17:30 +0200 (CEST) Received: from WW001E1ERLM002.ww001.siemens.net (unknown [146.254.214.66]) by medeon.erlm.siemens.de (Postfix) with ESMTP id AB377748047; Wed, 22 Jul 2009 18:17:30 +0200 (CEST) Received: from WW001E1ERLMM01.ww001.siemens.net ([146.254.214.73]) by WW001E1ERLM002.ww001.siemens.net ([146.254.214.66]) with mapi; Wed, 22 Jul 2009 18:17:29 +0200 From: "Poehner, Uwe" To: Ron McNulty , Tomcat Users List Date: Wed, 22 Jul 2009 18:17:28 +0200 Subject: AW: Wrong SessionID Thread-Topic: Wrong SessionID Thread-Index: AcoKxMwn3iZ99NGoQ4+aYAV5QLGszgAHGABw Message-ID: <4DD56BDA40EB834197AB226CAF02EB5C01C62375DA@WW001E1ERLMM01.ww001.siemens.net> References: In-Reply-To: Accept-Language: de-DE Content-Language: de-DE X-MS-Has-Attach: X-MS-TNEF-Correlator: acceptlanguage: de-DE Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-Virus-Checked: Checked by ClamAV on apache.org Hi Ron, thanks a lot! I'm pretty sure that's our problem and I already found some S= AP J2EE Application Servers on our intranet with such a JSESSIONID "(J2EE...)I= D...End" and (Cookie) Domain instead of Host configured (still right configured).=20 So I will continue to search for the evil one ... Best Regards Uwe > -----Urspr=FCngliche Nachricht----- > Von: Ron McNulty [mailto:rmcnulty@xtra.co.nz]=20 > Gesendet: Mittwoch, 22. Juli 2009 11:09 > An: Tomcat Users List > Betreff: Re: Wrong SessionID >=20 > Hi Uwe >=20 > I've seen something very similar when a SAP server was incorrectly=20 > configured to produce a JSESSIONID cookie that was global to the=20 > organisation, rather than scoped to the server that produced it. The=20 > "(J2EE13679500)" and "End" parts of the session ID look=20 > suspiciously like=20 > what I saw. >=20 > The only fix was to correctly configure the offending server=20 > - there is=20 > nothing Tomcat can do. When a browser has two cookies with=20 > the same name in=20 > scope, the outcome is indeterminate. We found that the wider=20 > scoped cookie=20 > took precedence. I've often thought the name of the=20 > JSESSIONID cookie should=20 > be configurable, but to my knowledge it is hard-coded. >=20 > If this is the problem, then it is your client's problem=20 > (unless you are=20 > seeing it from inside your intranet). >=20 > Regards >=20 > Ron >=20 > ----- Original Message -----=20 > From: "Poehner, Uwe" > To: > Sent: Wednesday, July 22, 2009 3:26 AM > Subject: Wrong SessionID >=20 >=20 > Hello, >=20 > our tomcat servers seem to produce very sporadically a wrong=20 > JsessionID -=20 > instead of 58EB1F9C39278DBB72528A13EF026EFB.bsp01 > we get (J2EE13679500)ID0574993050DB11991779031281660559End (without a=20 > dot-jvmroute) so we lose stickyness and our session. >=20 > Our environment (Hardware Loadbalancer -> 2 Apache Servers ->=20 > 2 Tomcat=20 > Servers): > Solaris 10 8/07 > Apache/2.2.6 with mod_proxy_ajp, mod_proxy_balancer, ... > Tomcat 5.5.23 with JDK 1.5.0_12-b04 >=20 > Does anybody have an idea? >=20 >=20 > Thanks and Regards > Uwe > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org > For additional commands, e-mail: users-help@tomcat.apache.org >=20 >=20 > = --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org For additional commands, e-mail: users-help@tomcat.apache.org